By configuring computer delegation with PowerShell, you can determine whether you can access an Active Directory (AD) computer from another computer. This article will demonstrate the difference between unconstrained delegation, constrained delegation to any service, and constrained delegation to specified services.

Contents of this article:

• The concept of computer delegation in a nutshell
• Two different approaches
• Unconstrained delegation to any service
• Constrained delegation to specified services with Kerberos only
• Constrained delegation to specified services only with any authentication protocol
• Resource-based constrained delegation
• Check the current delegation for a computer
• Remove delegation

Read more from my guest article on 4SysOps